fd7cce42e76f71fcddf4a865635cf128_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fd7cce42e76f71fcddf4a865635cf128_JaffaCakes118
Size

328KB
MD5

fd7cce42e76f71fcddf4a865635cf128
SHA1

3cbe8afe17630cb9f514c2839ef54dd73909346d
SHA256

be0502430fe46391968d39df8985de206f33d073c00ca6b412c4d371da2d7237
SHA512

5ad25ace4b132568009addb248fd88b3c2135d19996652c728f48059cf042973e8d0aa7c2060cdc154d2666d4e7ec5403e61f8b4e2d8d6a6ccd66b9a42b85c70
SSDEEP

6144:I/sWwxYEDxJUg+kY8de7QBLN+uPKaImbmqq9ayj9m4GMQwLMifHI3128LL62Cgy:AsW8O8s8tl3j6Ngy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd7cce42e76f71fcddf4a865635cf128_JaffaCakes118

Files

fd7cce42e76f71fcddf4a865635cf128_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cb51c6a219e45581ee5e473c9b370e3a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantInit
VariantClear
VarUI4FromStr
SysStringLen
SysStringByteLen
SysFreeString
SysAllocStringLen
SysAllocString
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi

kernel32

GlobalHandle
GlobalLock
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
GlobalFree
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
SetLastError
SizeofResource
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
lstrlenW
GlobalAlloc
GetVersionExA
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetACP
FreeLibrary
FlushInstructionCache
DeleteCriticalSection
FindResourceA
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
LockResource

user32

PtInRect
RedrawWindow
RegisterClassExA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
SendMessageA
SetCapture
SetCursor
SetFocus
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
SetWindowTextA
UnregisterClassA
wsprintfA
LoadStringA
LoadCursorA
IsWindow
IsChild
InvalidateRgn
InvalidateRect
MessageBoxA
GetWindowTextA
GetWindowRect
GetWindowLongA
GetWindow
GetSysColor
GetParent
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetCursorPos
GetClientRect
GetClassNameA
GetClassInfoExA
GetActiveWindow
FillRect
EndPaint
EndDialog
EnableWindow
DialogBoxIndirectParamA
DestroyWindow
DestroyAcceleratorTable
DefWindowProcA
CreateWindowExA
GetWindowTextLengthA
MapDialogRect
BeginPaint
CallWindowProcA
CharNextA
CreateAcceleratorTableA
GetDC

gdi32

SetBkMode
SetGraphicsMode
SelectObject
SetViewportOrgEx
SetWindowOrgEx
SaveDC
RestoreDC
ModifyWorldTransform
GetStockObject
GetObjectA
GetDeviceCaps
DeleteObject
DeleteDC
DPtoLP
CreateSolidBrush
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
SetTextColor
BitBlt

advapi32

RegQueryInfoKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA

shell32

ShellExecuteA

ole32

CoTaskMemFree
CoTaskMemRealloc
CreateStreamOnHGlobal
OleInitialize
OleLockRunning
OleUninitialize
StringFromGUID2
CoGetClassObject
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc

comctl32

ord17

ddraw

DDInternalLock
GetSurfaceFromDC

Exports

Exports

CheckVolumeTextureRequirements
CreatePatchMesh
GetImageInfoFromFileInMemory
GetImageInfoFromResourceW
LoadLayer
QuaternionSquad
Vec2TransformNormalArray

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb51c6a219e45581ee5e473c9b370e3a

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

ddraw

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 138KB - Virtual size: 138KB

.data Size: 29KB - Virtual size: 30KB

.rsrc Size: 98KB - Virtual size: 98KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 138KB - Virtual size: 138KB

.data
Size: 29KB - Virtual size: 30KB

.rsrc
Size: 98KB - Virtual size: 98KB

.reloc
Size: 4KB - Virtual size: 3KB